Ransomware the Next Steps (pt.2) | Smart Thinking Solutions

In the first part of this article on how ransomware has changed, we looked at the actual attacks, today we are going to look at ransomware payments.

Ransomware. Pay up?

In the early days of ransomware, paying for the decryption key was an option. Although back then most people who were hit did not understand or have ready access to Bitcoin payment methods and of course there was the issue of “can you trust a crook” to send you the decryption key.

However, once you have paid, you are marked as an easy target for the cyber criminals. It was found that in over 80% of cases where a ransom had been paid, the organisations were hit by a second attack, demanding more money. (Catton, 2025)

Ransomware. Don’t Pay!

But the authorities have reservations about organisations funding criminal gangs. In August 2022, The National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) wrote to The Law Society and The Bar Council outlining why it is better for everyone (including those infected with the ransomware) not to engage with the threat actors by paying the ransoms demanded. (Catton, 2025)

Recently the Australian government passed legislation making the secret payment of ransomware ransoms illegal (Martin, 2025) and the UK government is considering legislation to ban public bodies such as councils and the NHS from paying extortion demands. (Gatlan, 2025)

There is one more issue with wanting to pay a ransom – depending on where the cyber criminals are based, you, and any solicitors and/or agents you engage to help with the payments, may be breaking international sanctions imposed on such countries as Russia and Iran. That sounds pretty serious to me.

If your plan was to “pay up”, then that is becoming more difficult to do!

Your Takeaway

You need a ransomware plan, cyber security tools to protect your data and monitor and react to suspicious activity and a team of professionals you can count on.

Read this:

Ransomware – A Primer | Smart Thinking Solutions

Clive Catton MSc (Cyber Security) – by-line and other articles

References

Catton, C. (2025, May 14). If your plan to defeat ransomware is to pay up then read on. . .. Smart Thinking Solutions. https://smartthinking.solutions/2025/05/14/if-your-plan-to-defeat-ransomware-is-to-pay-up-then-read-on/

Gatlan, S. (2025, July 22). UK to ban public sector orgs from paying ransomware gangs. BleepingComputer. https://www.bleepingcomputer.com/news/security/uk-to-ban-public-sector-orgs-from-paying-ransomware-gangs/

Martin, A. (2025, May 30). Australian ransomware victims now must tell the government if they pay up. The Record. https://therecord.media/australia-ransomware-victims-must-report-payments

Summer Cyber Security Webinars

The summer webinar series has started. It is not too late to sign up for the rest of the series and then you can get access to the recording of the episodes you missed.

Hack Me If You Can! What’s your excuse? – Sign Up Here

Photo by Suzy Hazelwood

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Ransomware. Pay up?

Ransomware. Don’t Pay!

References

Further Reading

Summer Cyber Security Webinars